Self-Motivation
David Goggins
Former Navy Seal
Career Development
Bryan Cranston
Actor
Critical Thinking
Liv Boeree
International Poker Champion
Emotional Intelligence
Amaryllis Fox
Former CIA Clandestine Operative
Management
Chris Hadfield
Retired Canadian Astronaut & Author
Learn
from the world's big
thinkers
Start Learning

Data firm left detailed profiles of 48 million people on a publicly accessible website

In the wake of Facebook's Cambridge Analytica scandal, another data firm was discovered to have amassed similar user profiles of millions of people.

Joel Kjellgren, Data Center Manager walks in one of the server rooms at the new Facebook Data Center. (Photo: GETTY/JONATHAN NACKSTRAND)


A report published Wednesday reveals how a data firm built psychographic profiles on 48 million people, using data from Facebook, Twitter, LinkedIn, Zillow, and others—and then left that trove of data unprotected on a cloud storage repository.

The data was compiled by LocalBlox, a firm that “automatically crawls, discovers, extracts, indexes, maps and augments data in a variety of formats from the web and from exchange networks” to build consumer profiles that it sells to companies.  

In February, Chris Vickery, an ethical data breach hunter and director of cyber risk research at the security firm UpGuard, was able to access millions of these profiles on an unlisted and unprotected Amazon Web Services S3 bucket. The bucket contained a 151.3-gigabyte file that, when decompressed, amounted to a 1.2 terabyte that contained the user profiles. It was aptly named “final_people_data_2017_5_26_48m.json.”

“In the wake of the Facebook/Cambridge Analytica debacle, the importance of massive sets of psychographic data is becoming more and more apparent,” UpGuard’s report reads. “The exposed LocalBlox dataset combines standard personal information like name and address, with data about the person’s internet usage, such as their LinkedIn histories and Twitter feeds. This combination begins to build a three-dimensional picture of every individual affected—who they are, what they talk about, what they like, even what they do for a living—in essence, a blueprint from which to create targeted persuasive content, like advertising or political campaigning.”

The consumer profiles amassed by LocalBlox vary in level of detail. Much of the information can be harvested from public sources—the email address listed on your Facebook profile, or the city of residence shown on your Twitter page. Some of the information is believed to have been collected from non-public sources, such as purchased marketing data.

In a ZDNet article published Wednesday, LocalBlox’s chief technology officer Ashfaq Rahman said most of the data discovered by Vickery was fabricated for internal tests, and that Vickery had “hacked in” to the publicly accessible repository. But Vickery had informed LocalBlox that he accessed the repository after discovering the vulnerability in February, and it was reportedly secured soon after.

“Rahman would not say why he restricted the bucket’s permissions hours later,” reads the ZDNet article.

According to Rahman, “no other individual is believed to have accessed this file from the S3 bucket.”

LocalBlox didn’t break any laws in its harvesting of consumer data, though it’s not clear whether it violated the terms of websites like LinkedIn, Facebook, and Zillow, all of which explicitly prohibit data scraping.

In a 2013 article, LocalBlox’s president Sabira Arefin said it’s “up to the individual sites and system to determine the terms and conditions and then enforce any security mechanism in place if they want to prevent scraping.”

Vickery said that companies like LocalBlox should be more responsible in the way they handle and stores people’s data.

“Concentrating millions of people's details can become by its very nature a weaponized thing, and something that can lead to a lot of harm,” Vickery said.

UpGuard’s report concludes:

“The profitability gained by data must come with the responsibility of protecting its integrity and privacy. Cloud storage itself provides functionality and speed at a reasonable cost, but cloud assets require careful configuration—the thin line between private and public can be erased with the flip of a single switch. The lack of controls around common IT processes are what allow critical errors like this to slip into production, eroding the privacy of millions of people.”

Live today! Unfiltered lessons of a female entrepreneur

Join Pulitzer Prize-winning reporter and best-selling author Charles Duhigg as he interviews Victoria Montgomery Brown, co-founder and CEO of Big Think, live at 1pm EDT today.

Two MIT students just solved Richard Feynman’s famed physics puzzle

Richard Feynman once asked a silly question. Two MIT students just answered it.

Surprising Science

Here's a fun experiment to try. Go to your pantry and see if you have a box of spaghetti. If you do, take out a noodle. Grab both ends of it and bend it until it breaks in half. How many pieces did it break into? If you got two large pieces and at least one small piece you're not alone.

Keep reading Show less

How meditation can change your life and mind

Reaching beyond the stereotypes of meditation and embracing the science of mindfulness.

Videos
  • There are a lot of misconceptions when it comes to what mindfulness is and what meditation can do for those who practice it. In this video, professors, neuroscientists, psychologists, composers, authors, and a former Buddhist monk share their experiences, explain the science behind meditation, and discuss the benefits of learning to be in the moment.
  • "Mindfulness allows us to shift our relationship to our experience," explains psychologist Daniel Goleman. The science shows that long-term meditators have higher levels of gamma waves in their brains even when they are not meditating. The effect of this altered response is yet unknown, though it shows that there are lasting cognitive effects.
  • "I think we're looking at meditation as the next big public health revolution," says ABC News anchor Dan Harris. "Meditation is going to join the pantheon of no-brainers like exercise, brushing your teeth and taking the meds that your doctor prescribes to you." Closing out the video is a guided meditation experience led by author Damien Echols that can be practiced anywhere and repeated as many times as you'd like.
Keep reading Show less

Improving Olympic performance with asthma drugs?

A study looks at the performance benefits delivered by asthma drugs when they're taken by athletes who don't have asthma.

Image source: sumroeng chinnapan/Shutterstock
Culture & Religion
  • One on hand, the most common health condition among Olympic athletes is asthma. On the other, asthmatic athletes regularly outperform their non-asthmatic counterparts.
  • A new study assesses the performance-enhancement effects of asthma medication for non-asthmatics.
  • The analysis looks at the effects of both allowed and banned asthma medications.

Keep reading Show less
Scroll down to load more…
Quantcast